Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tyJAmkAIDXgWIpPjGXVV_PEkUFs.roa
File: tyJAmkAIDXgWIpPjGXVV_PEkUFs.roa (raw, json)
Hash identifier: O2Egdy7r6hJwfDl74yT5n61hRqfhKc3OzxACws6oDHA=
Subject key identifier: B7:22:40:9A:40:08:0D:78:16:22:93:E3:19:75:55:FC:F1:24:50:5B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189E3FA4A417C9D114194A1346EF79D9B48
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tyJAmkAIDXgWIpPjGXVV_PEkUFs.roa
Signing time: Fri 11 Aug 2023 09:42:58 +0000
ROA not before: Fri 11 Aug 2023 09:42:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147291
IP address blocks: 89.213.135.0/24 maxlen: 24
89.213.138.0/24 maxlen: 24
89.213.137.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e3:fa:4a:41:7c:9d:11:41:94:a1:34:6e:f7:9d:9b:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 11 09:42:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b722409a40080d78162293e3197555fcf124505b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e4:99:34:b6:af:9f:06:ad:1f:5f:9b:51:a4:
f7:33:25:ef:92:21:32:87:5c:61:33:5a:7b:35:27:
40:71:14:5c:ab:f0:72:18:96:73:de:9c:9e:06:1b:
c6:b3:6a:d6:fd:68:eb:ff:5b:66:b5:dd:4e:7a:3c:
d4:51:6b:fd:de:24:ba:76:5d:d7:ab:c1:ef:49:7c:
e0:e6:c0:0c:8a:61:21:c7:2c:11:38:ed:dc:73:2d:
bb:20:e6:4b:ed:90:ba:61:d3:5e:f1:39:de:77:c7:
84:32:cc:37:7b:44:58:fa:ac:4a:42:26:c0:6c:30:
c7:a6:7b:76:a4:56:5c:e0:dd:74:0a:55:03:9b:f5:
42:d7:c6:ac:58:c0:e0:b4:cc:4d:14:7a:a4:38:d8:
ca:3d:1b:93:ca:49:63:73:7d:e7:4a:a5:3a:5c:07:
0d:6a:12:4e:ae:01:bf:e4:5f:e1:b8:8b:58:41:51:
7e:5c:cb:ae:59:dd:66:86:0a:26:9b:0a:a8:e1:7b:
fb:99:88:8d:93:6b:85:57:e2:33:8e:1a:63:85:77:
8b:98:29:c3:ba:92:0b:f1:a7:15:0f:b4:e6:e4:6b:
5a:30:8f:8e:e8:eb:a3:54:b2:32:3a:32:55:70:00:
a2:18:60:90:88:1a:3b:79:f8:c1:d3:b5:ce:23:b8:
36:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:22:40:9A:40:08:0D:78:16:22:93:E3:19:75:55:FC:F1:24:50:5B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tyJAmkAIDXgWIpPjGXVV_PEkUFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.135.0/24
89.213.137.0-89.213.138.255
Signature Algorithm: sha256WithRSAEncryption
13:d0:2c:e9:32:28:fa:7a:05:4d:e3:18:cb:39:3d:a7:ac:7d:
65:2d:6e:1b:40:68:3e:e4:21:dd:b0:5d:32:50:44:32:b8:88:
7e:3f:4d:f4:a8:0a:70:1e:80:a9:14:62:09:48:61:3e:94:f2:
42:57:1d:67:cd:4c:72:de:51:26:40:24:d3:64:4a:85:b7:bb:
37:60:19:c9:70:c9:6c:5e:fe:db:85:18:c6:de:6d:a4:e6:bb:
b7:88:fb:6f:bc:8a:cd:ba:82:f1:f2:1d:96:ee:9a:13:2d:ae:
49:8a:68:90:05:7d:e6:fe:94:25:13:6b:07:2e:8d:73:39:a7:
5c:02:85:14:92:f8:01:78:00:11:10:27:17:7c:da:00:d0:09:
bf:8c:2f:db:70:d0:52:f4:82:00:de:c4:2a:9a:df:0e:5c:32:
f7:a8:e6:cb:02:f2:ab:5a:0f:40:90:4e:19:0c:83:ca:10:87:
ca:c7:a3:b0:70:39:32:80:bb:16:53:24:c5:67:0f:c1:cf:42:
ed:67:35:11:41:ad:e1:fb:f3:12:f6:5e:61:ed:6a:df:29:4f:
cc:52:8b:5e:6f:7b:fd:d3:89:84:37:be:85:66:32:18:34:13:
e3:87:71:91:cb:2d:4e:3e:d2:92:b9:1b:ab:3a:6b:55:74:81:
33:9a:6e:b2
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYnj+kpBfJ0RQZShNG73nZtIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODExMDk0MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzIyNDA5YTQwMDgwZDc4MTYyMjkzZTMxOTc1NTVmY2YxMjQ1MDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OSZNLavnwatH1+bUaT3MyXvkiEy
h1xhM1p7NSdAcRRcq/ByGJZz3pyeBhvGs2rW/Wjr/1tmtd1OejzUUWv93iS6dl3X
q8HvSXzg5sAMimEhxywROO3ccy27IOZL7ZC6YdNe8Tned8eEMsw3e0RY+qxKQibA
bDDHpnt2pFZc4N10ClUDm/VC18asWMDgtMxNFHqkONjKPRuTykljc33nSqU6XAcN
ahJOrgG/5F/huItYQVF+XMuuWd1mhgommwqo4Xv7mYiNk2uFV+IzjhpjhXeLmCnD
upIL8acVD7Tm5GtaMI+O6OujVLIyOjJVcACiGGCQiBo7efjB07XOI7g2GwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLciQJpACA14FiKT4xl1VfzxJFBbMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdHlKQW1rQUlEWGdXSXBQakdYVlZfUEVrVUZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAWdWHMAwD
BABZ1YkDBABZ1YowDQYJKoZIhvcNAQELBQADggEBABPQLOkyKPp6BU3jGMs5Paes
fWUtbhtAaD7kId2wXTJQRDK4iH4/TfSoCnAegKkUYglIYT6U8kJXHWfNTHLeUSZA
JNNkSoW3uzdgGclwyWxe/tuFGMbebaTmu7eI+2+8is26gvHyHZbumhMtrkmKaJAF
feb+lCUTawcujXM5p1wChRSS+AF4ABEQJxd82gDQCb+ML9tw0FL0ggDexCqa3w5c
Mveo5ssC8qtaD0CQThkMg8oQh8rHo7BwOTKAuxZTJMVnD8HPQu1nNRFBreH78xL2
XmHtat8pT8xSi15ve/3TiYQ3voVmMhg0E+OHcZHLLU4+0pK5G6s6a1V0gTOabrI=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:33:01 2025 by rpki-client